Описание
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.24.0.0 (исключая)
cpe:2.3:a:qualys:private_cloud_platform:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.0055
Низкий
5.7 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 5.7
github
около 2 лет назад
A Qualys web application was found to have a stored XSS vulnerability resulting from the absence of HTML encoding in the presentation of logging information to users. This vulnerability allowed a user with login access to the application to introduce XSS payload via browser details.
EPSS
Процентиль: 67%
0.0055
Низкий
5.7 Medium
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79